Welcome to BearlyChilly! 👋

This is where we share our notes, articles, book reviews, and anything else that might be on our mind. Feel free to look around and stay a while! 🙂
How to Send Events to Splunk Using HEC - HTTP Event Collector

How to Send Events to Splunk Using HEC - HTTP Event Collector

HEC (HTTP Event Collector) is a super easy way to send data into Splunk. It opens up the opportunity to quickly update a script or application to send data into Splunk without having to install a forwarder or setting up a syslog server.

October 25, 2024 Â· 7 min Â· 1489 words Â· Emlin
Addressing Missing Index Error in Splunk

Addressing Missing Index Error in Splunk using LastChance

Have you ever encountered a ‘missing index’ error in Splunk and worried about losing your logs? This article shows you how to set up a ’lastchance’ index to catch those wayward logs, ensuring you don’t lose data even when it’s headed for a non-existent index.

August 25, 2024 Â· 3 min Â· 473 words Â· Emlin
Reindex Logs that Have Already Been Indexed by Splunk

Reindex Logs that Have Already Been Indexed by Splunk

What do you do when you want to reindex logs that have already been indexed by Splunk? This article shows you how to use the ‘fishbucket’ method to reindex your data, whether you indexed it into the wrong index or forgot to create an index before applying your inputs.conf.

August 25, 2024 Â· 4 min Â· 675 words Â· Emlin
Granting Splunk Access to System Logs on Linux

How to give Splunk access to Linux logs

Don’t just give it root access! Process of onbaording Linux logs into Splunk using ACLs.

August 25, 2024 Â· 3 min Â· 464 words Â· Emlin
Splunk App vs Add-On - Whats the Difference

Splunk App vs Add-On - What's the Difference?

A guide to understanding the difference between a Splunk App and a Splunk Add-On.

August 11, 2024 Â· 2 min Â· 275 words Â· Emlin